It's not an accurate scan in this case because I performed it from the localhost to the localhost, but when scanning another OS X machine, this makes it easier. Using the basic scan (nmap localhost), I did find tcp port 631 (internet printing protocol) open.

Ah-ha!

That'd be my networked Samsung CLP-610 printer. I go to System Preferences and ensure that I don't have printer sharing on. This port is open so I can see how much ink is left on the printer, what its status is, IP address if changed, etc. It allows me to manage the printer remotely, although I've yet to find the virtual paper loader.

In future articles, I'll take a look at software firewall options for OS X since a lot of users are being given nifty MacBooks and MacBook Pros to lug about airports. I'll also look at some of the wireless sniffing options.

Even though the history of Mac has been solid from a security standpoint — and it remains relatively solid today — it doesn't mean that we should sit on our laurels.